- Home
- CVEs with nessus.description==An update for java-1.6.0-sun is now available for Oracle Java for Red
Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security
impact of Important. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.
Oracle Java SE version 6 includes the Oracle Java Runtime Environment
and the Oracle Java Software Development Kit.
This update upgrades Oracle Java SE 6 to version 6 Update 211.
Security Fix(es) :
* OpenJDK: Incomplete enforcement of the trustURLCodebase restriction
(JNDI, 8199177) (CVE-2018-3149)
* Oracle JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181,
and 10.0.2 (Libraries) (CVE-2018-2940)
* OpenJDK: insufficient index validation in PatternSyntaxException
getMessage () (Concurrency, 8199547) (CVE-2018-2952)
* Oracle JDK: unspecified vulnerability fixed in 6u201, 7u191, 8u181,
and 10.0.2 (JSSE) (CVE-2018-2973)
* OpenJDK: Incorrect handling of unsigned attributes in signed Jar
manifests (Security, 8194534) (CVE-2018-3136)
* OpenJDK: Leak of sensitive header data via HTTP redirect
(Networking, 8196902) (CVE-2018-3139)
* OpenJDK: Missing endpoint identification algorithm check during TLS
session resumption (JSSE, 8202613) (CVE-2018-3180)
* OpenJDK: Infinite loop in RIFF format reader (Sound, 8205361)
(CVE-2018-3214)
* libpng: Integer overflow and resultant divide-by-zero in
pngrutil.c:png_check_chunk_length() allows for denial of service
(CVE-2018-13785)
For more details about the security issue(s), including the impact, a
CVSS score, and other related information, refer to the CVE page(s)
listed in the References section.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top